
Monthly Archives: March 2010

Data on 3.3 million borrowers was stolen from a nonprofit company that helps with student loan financing.

The theft occurred on March 20 or 21 from the headquarters of Educational Credit Management Corp. (ECMC), which services loans when student borrowers enter bankruptcy. The data was contained on portable media, said the organization, which is a dedicated guaranty agency for Virginia, Oregon and Connecticut.

“My office is investigating allegations that a radiologist formerly affiliated with Griffin Hospital improperly accessed the medical information of almost 1,000 of the hospital’s patients,” Blumenthal said in a prepared statement.

Hacker Albert Gonzalez is sentenced to 20 years in prison for his role in hacking TJX, Barnes & Noble, OfficeMax and other retailers. He faces the possibility of more time behind bars when he is sentenced for his role in hacking a slew of other companies, including Heartland Payment Systems.

“In my view, the implementation of FISMA has been like getting on a treadmill as a means to go to a destination,” Gilligan said in prepared testimony. “A treadmill is great if all you want is exercise, but it is not the way to reach a destination,” he added.

Often, merchants prepare a thoughtful risk assessment and then file it away (a.k.a., “shelfware”) until their QSA returns the next year, at which time it gets dusted off, reviewed and, hopefully, updated. If that describes your situation, you could be missing a golden opportunity to reduce your PCI scope, lower your risk and cut your cost of PCI compliance.

Three men accused of being involved in an audacious attack on US ATM machines in 2008 have been arrested by the feared Russian Security Service (FSB) in an event that is being interpreted as marking a sea change in Russian policy towards cybercrime.

In the seven years that it has been the law of the land, FISMA, The Federal Information Security Management Act, has helped raise awareness of the need for information security on the federal government's networks, as well as on the networks supporting private industry.

But this latest version of the Office of Management and Budget's FISMA report to Congress pulls into focus the ways that the Obama Administration wants to change how the federal government complies with FISMA at a time when cyberthreats are escalating.

What follows are 10 commonsense steps you can take to prepare for a FISMA audit. While basic FISMA compliance won't always meet every government organization's security requirements–for example, you may be required to implement stricter data control requirements or a more involved change control process–you will have a sturdy base to build on.